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Amendments to the Claims : 

1. (Previously Presented) In a transaction involving a disclosure of confidential 
information by first parties to second parties, requiring the second parties to have adopted 
security measures with respect to the handling of the infoniiation and periodically respond to 
requests of the first parties for assurances of the adoption, implementation and observance of the 
security measures by the second party, a method for providing such assurances to the first 
parties, comprising: 

arranging by a third party with a selected number of the second parties to acquire, 
compile and store in a database of said third party, infoniiation regarding the adoption, 
implementation and observation of security measures for each of the selected number of second 
parties; 

arranging by said third party with a selected number of the first parties subscription 
services providing the selected number of first parties with assurances of the security measures 
of the selected number of second parties upon request; and 

providing by said third party the assurances of the security measures of the selected 
number of second parties to the selected number of first parties upon request. 

2. (Previously Presented) The method according to claim 1 flirther including 
updating the security measures information stored in the database of said third party for each 
second party periodically. 

3. (Previously Presented) The method according to claim 1 further including 
updating the security measures information stored in the database of said third party upon a 
notification by a respective second party and verification by a third party. 

4. (Previously Presented) The method according to claim 1 wherein the acquisition, 
compilation and storage of the security measures information of the selected number of second 
parties by said third paity is perfomied at no cost to the selected number of second parties. 

5. (Previously Presented) The method according to claim 1 including rendering the 
subscription services of said third party for a fee. 

6. (Currently Amended) The method according to claim 1 fiirther including 
providing by said third party a rating for each second party based upon a type of the confidential 
information and the security measures of the vendor said second party . 
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7. (Previously Presented) The method according to claim 1 further including 
providing a rating by said third party for each second party based upon the security measures of 
the second party. 

8. (Previously Presented) A method for providing security information on a 
plurality of vendors to a plurality of clients, comprising: 

providing an assessment of security procedures adopted, implemented and observed for 
each of the plurality of vendors; 

storing each assessment in a vendor security database; and 

providing access to the vendor security database to each client to allow each client to 
review the plurality of assessments. 

9. (Original) The method according to claim 8 wherein the assessment is provided 
at cost to the vendor. 

10. (Previously Presented) The method according to claim 8 wherein the assessment 
is provided for a fee to the vendor. 

1 1 . (Original) The method according to claim 8 wherein the assessment is provided 
at no cost to the vendor. 

12. (Previously Presented) The method according to claim 8 wherein the access 
provided to each client is pursuant to the rendering of subscription services for a fee. 

13. (Original) The method according to claim 8 wherein the assessment is updated 
periodically. 

14. (Previously Presented) The method according to claim 8 wherein the assessment 
is updated whenever the vendor updates its security procedures, the updates are verified and 
provided to the database. 

15. (Original) The method according to claim 8 wherein each assessment comprises 
one or more of SAS70 reports, Penetration Reports, Infonnation Security Policies, Computer 
hicident Response Policies, DR Plans, Business Resumption Plans, Insurance Coverages, 3"^^ 
Party Vendor Management Policies & Programs and Annual Financial Reports. 

16. (Original) The method according to claim 8 further including providing a rating 
for each vendor based upon a type of infoniiation to be protected and the security procedures of 
the vendor. 
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1 7. (Original) The method according to claim 8 further including providing a rating 
for each vendor based upon the security procedures of the vendor. 

18. (Previously Presented) A method of providing assurance to one of a number of 
first party entities that one of a number of second party entities to which said one first party 
entity contemplates the disclosure of ceitain confidential information, has adopted, implemented 
and observed certain security measures with respect tot the handling of confidential information, 
comprising: 

arranging with at least one of said second party entities to acquire therefrom, compile and 
store in a database, by a tliird party entity, verification regarding the adoption, implementation 
and observation of security measures in the handling of confidential information of at least one 
of said first party entities; 

arranging with at least one of said first party entities, a subscription service providing 
said one first party entity with assurance of the adoption, implementation and observance of the 
security measures of said one second party, by said third party, upon request, upon request of 
said one first paity entity; and 

providing the requested assurances by said third party to said one first party in response 
to said request. 
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